static int parseStructure(KSI_TLV *tlv, int indent) {
int res;
KSI_TLV *nested = NULL;
KSI_LIST(KSI_TLV) *list = NULL;
size_t i;
KSI_Utf8String *utf = NULL;
KSI_Integer *integer = NULL;
KSI_OctetString *octet = NULL;
switch (KSI_TLV_getTag(tlv)) {
case 0x01:
/* Cast as numeric TLV */
/* Parse number */
res = KSI_Integer_fromTlv(tlv, &integer);
if (res != KSI_OK) goto cleanup;
break;
case 0x02:
/* Cast as string TLV */
res = KSI_Utf8String_fromTlv(tlv, &utf);
if (res != KSI_OK) goto cleanup;
break;
case 0x03:
case 0x1003:
res = KSI_TLV_getNestedList(tlv, &list);
if (res != KSI_OK) goto cleanup;
/* Parse nested */
for (i = 0; i < KSI_TLVList_length(list); i++) {
res = KSI_TLVList_elementAt(list, i, &nested);
if (res != KSI_OK) goto cleanup;
if (nested == NULL) break;
res = parseStructure(nested, indent);
if (res != KSI_OK) goto cleanup;
}
break;
case 0x04:
/* Cast as octet string*/
res = KSI_OctetString_fromTlv(tlv, &octet);
if (res != KSI_OK) goto cleanup;
break;
default:
res = KSI_INVALID_FORMAT;
goto cleanup;
}
cleanup:
KSI_OctetString_free(octet);
KSI_Utf8String_free(utf);
KSI_Integer_free(integer);
return res;
}
static int publicationsFileTLV_getSignatureTLVLength(KSI_TLV *pubFileTlv, size_t *len) {
int res;
KSI_TLVList *list = NULL;
KSI_TLV *tlvSig = NULL;
const unsigned char *raw = NULL;
size_t raw_len;
size_t sig_len;
KSI_CTX *ctx = NULL;
if (pubFileTlv == NULL && len == NULL) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, NULL);
goto cleanup;
}
ctx = KSI_TLV_getCtx(pubFileTlv);
KSI_ERR_clearErrors(ctx);
res = KSI_TLV_getNestedList(pubFileTlv, &list);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
res = KSI_TLVList_elementAt(list, KSI_TLVList_length(list) - 1, &tlvSig);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
if (KSI_TLV_getTag(tlvSig) != 0x704) {
KSI_pushError(ctx, res, "Last TLV in publications file must be signature (0x704)");
goto cleanup;
}
res = KSI_TLV_getRawValue(tlvSig, &raw, &raw_len);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
sig_len = raw_len;
sig_len += 4;
*len = sig_len;
cleanup:
return res;
}
static int extract(KSI_CTX *ctx, void *payload, KSI_TLV *tlv, const KSI_TlvTemplate *tmpl, struct tlv_track_s *tr, size_t tr_len, size_t tr_size) {
int res = KSI_UNKNOWN_ERROR;
int tr_inc = 0;
TLVListIterator iter;
KSI_ERR_clearErrors(ctx);
if (ctx == NULL || payload == NULL || tlv == NULL || tmpl == NULL || tr == NULL) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, NULL);
goto cleanup;
}
res = KSI_TLV_cast(tlv, KSI_TLV_PAYLOAD_TLV);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
res = KSI_TLV_getNestedList(tlv, &iter.list);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
iter.idx = 0;
/*When extracting second tlv there is no need to register it twice because it is mention in lower level.*/
if (tr_len == 0) {
tr[tr_len].tag = KSI_TLV_getTag(tlv);
tr[tr_len].desc = NULL;
tr_inc = 1;
}
res = extractGenerator(ctx, payload, (void *)&iter, tmpl, (int (*)(void *, KSI_TLV **))TLVListIterator_next, tr, tr_len + tr_inc, tr_size);
if (res != KSI_OK) {
char buf[1024];
KSI_LOG_debug(ctx, "Unable to parse TLV: %s", track_str(tr, tr_len, tr_size, buf, sizeof(buf)));
KSI_pushError(ctx, res, buf);
goto cleanup;
}
res = KSI_OK;
cleanup:
return res;
}
static int generateNextTlv(struct generator_st *gen, KSI_TLV **tlv) {
int res = KSI_UNKNOWN_ERROR;
unsigned char *buf = NULL;
size_t consumed = 0;
KSI_FTLV ftlv;
if (gen == NULL) {
res = KSI_INVALID_ARGUMENT;
goto cleanup;
}
if (gen->tlv != NULL) {
KSI_TLV_free(gen->tlv);
gen->tlv = NULL;
}
/* Try to parse only when there is something left to parse. */
if (gen->len > 0) {
memset(&ftlv, 0, sizeof(ftlv));
res = KSI_FTLV_memRead(gen->ptr, gen->len, &ftlv);
if (res != KSI_OK) {
KSI_pushError(gen->ctx, res, NULL);
goto cleanup;
}
consumed = ftlv.hdr_len + ftlv.dat_len;
buf = KSI_malloc(consumed);
if (buf == NULL) {
KSI_pushError(gen->ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
memcpy(buf, gen->ptr, consumed);
gen->ptr += consumed;
gen->len -= consumed;
/* Make sure the buffer is not overflowing. */
if (consumed > UINT_MAX){
KSI_pushError(gen->ctx, res = KSI_INVALID_FORMAT, "Input too large.");
goto cleanup;
}
if (consumed > 0) {
if (gen->hasSignature) {
/* The signature must be the last element. */
KSI_pushError(gen->ctx, res = KSI_INVALID_FORMAT, "The signature must be the last element.");
goto cleanup;
}
res = KSI_TLV_parseBlob2(gen->ctx, buf, (unsigned)consumed, 1, &gen->tlv);
if (res != KSI_OK) {
KSI_pushError(gen->ctx, res, NULL);
goto cleanup;
}
buf = NULL;
if (KSI_TLV_getTag(gen->tlv) == 0x0704) {
gen->sig_offset = gen->offset;
gen->hasSignature = true;
}
}
}
gen->offset += consumed;
*tlv = gen->tlv;
res = KSI_OK;
cleanup:
KSI_free(buf);
return res;
}
KSI_END_TLV_TEMPLATE
static int replaceCalendarChain(KSI_Signature *sig, KSI_CalendarHashChain *calendarHashChain) {
int res;
KSI_DataHash *aggrOutputHash = NULL;
KSI_TLV *oldCalChainTlv = NULL;
KSI_TLV *newCalChainTlv = NULL;
KSI_LIST(KSI_TLV) *nestedList = NULL;
size_t i;
if (sig == NULL || calendarHashChain == NULL) {
res = KSI_INVALID_ARGUMENT;
goto cleanup;
}
KSI_ERR_clearErrors(sig->ctx);
res = KSI_TLV_getNestedList(sig->baseTlv, &nestedList);
if (res != KSI_OK) {
KSI_pushError(sig->ctx, res, NULL);
goto cleanup;
}
if (sig->calendarChain != NULL) {
for (i = 0; i < KSI_TLVList_length(nestedList); i++) {
res = KSI_TLVList_elementAt(nestedList,i, &oldCalChainTlv);
if (res != KSI_OK) {
KSI_pushError(sig->ctx, res, NULL);
goto cleanup;
}
if (oldCalChainTlv == NULL) {
KSI_pushError(sig->ctx, res = KSI_INVALID_SIGNATURE, "Signature TLV element missing.");
goto cleanup;
}
if (KSI_TLV_getTag(oldCalChainTlv) == 0x0802) break;
}
}
res = KSI_TLV_new(sig->ctx, 0x0802, 0, 0, &newCalChainTlv);
if (res != KSI_OK) {
KSI_pushError(sig->ctx, res, NULL);
goto cleanup;
}
res = KSI_TlvTemplate_construct(sig->ctx, newCalChainTlv, calendarHashChain, KSI_TLV_TEMPLATE(KSI_CalendarHashChain));
if (res != KSI_OK) {
KSI_pushError(sig->ctx, res, NULL);
goto cleanup;
}
res = (sig->calendarChain == NULL) ?
/* In case there is no calendar hash chain attached, append a new one. */
KSI_TLV_appendNestedTlv(sig->baseTlv, newCalChainTlv) :
/* Otherwise replace the calendar hash chain. */
KSI_TLV_replaceNestedTlv(sig->baseTlv, oldCalChainTlv, newCalChainTlv);
if (res != KSI_OK) {
KSI_pushError(sig->ctx, res, NULL);
goto cleanup;
}
newCalChainTlv = NULL;
/* The memory was freed within KSI_TLV_replaceNestedTlv. */
oldCalChainTlv = NULL;
KSI_CalendarHashChain_free(sig->calendarChain);
sig->calendarChain = calendarHashChain;
res = KSI_OK;
cleanup:
KSI_nofree(nestedList);
KSI_DataHash_free(aggrOutputHash);
KSI_TLV_free(newCalChainTlv);
return res;
}
static int extractGenerator(KSI_CTX *ctx, void *payload, void *generatorCtx, const KSI_TlvTemplate *tmpl, int (*generator)(void *, KSI_TLV **), struct tlv_track_s *tr, size_t tr_len, size_t tr_size) {
int res = KSI_UNKNOWN_ERROR;
KSI_TLV *tlv = NULL;
char buf[1024];
void *voidVal = NULL;
void *compositeVal = NULL;
void *valuep = NULL;
KSI_TLV *tlvVal = NULL;
size_t template_len = 0;
bool templateHit[MAX_TEMPLATE_SIZE];
bool groupHit[2] = {false, false};
bool oneOf[2] = {false, false};
size_t i;
size_t tmplStart = 0;
KSI_ERR_clearErrors(ctx);
if (ctx == NULL || payload == NULL || generatorCtx == NULL || tmpl == NULL || generator == NULL || tr == NULL) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, NULL);
goto cleanup;
}
/* Analyze the template. */
template_len = getTemplateLength(tmpl);
if (template_len == 0) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, "Empty template suggests invalid state.");
goto cleanup;
}
/* Make sure there will be no buffer overflow. */
if (template_len > MAX_TEMPLATE_SIZE) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, "Template too big");
goto cleanup;
}
memset(templateHit, 0, sizeof(templateHit));
while (1) {
int matchCount = 0;
res = generator(generatorCtx, &tlv);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
if (tlv == NULL) break;
KSI_LOG_trace(ctx, "Starting to parse TLV[0x%02x]", KSI_TLV_getTag(tlv));
if (tr_len < tr_size) {
tr[tr_len].tag = KSI_TLV_getTag(tlv);
tr[tr_len].desc = NULL;
}
for (i = tmplStart; i < template_len; i++) {
if (tmpl[i].tag != KSI_TLV_getTag(tlv)) continue;
if (i == tmplStart && !tmpl[i].multiple) tmplStart++;
tr[tr_len].desc = tmpl[i].descr;
matchCount++;
templateHit[i] = true;
if ((tmpl[i].flags & KSI_TLV_TMPL_FLG_LEAST_ONE_G0) != 0) groupHit[0] = true;
if ((tmpl[i].flags & KSI_TLV_TMPL_FLG_LEAST_ONE_G1) != 0) groupHit[1] = true;
if (FLAGSET(tmpl[i], KSI_TLV_TMPL_FLG_MOST_ONE_G0)) {
if (oneOf[0]) {
KSI_pushError(ctx, res = KSI_INVALID_FORMAT, "Mutually exclusive elements present within group 0.");
goto cleanup;
}
oneOf[0] = true;
}
if (FLAGSET(tmpl[i], KSI_TLV_TMPL_FLG_MOST_ONE_G1)) {
if (oneOf[1]) {
KSI_pushError(ctx, res = KSI_INVALID_FORMAT, "Mutually exclusive elements present within group 0.");
goto cleanup;
}
oneOf[1] = true;
}
valuep = NULL;
if (tmpl[i].getValue != NULL) {
/* Validate the value has not been set */
res = tmpl[i].getValue(payload, (void **)&valuep);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
}
if (valuep != NULL && !tmpl[i].multiple) {
compositeVal = NULL;
KSI_LOG_error(ctx, "Multiple occurrences of a unique tag 0x%02x", tmpl[i].tag);
KSI_pushError(ctx, res = KSI_INVALID_FORMAT, "To avoid memory leaks, a value may not be set more than once while parsing.");
goto cleanup;
}
/* Parse the current TLV */
switch (tmpl[i].type) {
case KSI_TLV_TEMPLATE_OBJECT:
KSI_LOG_trace(ctx, "Detected object template for TLV value extraction.");
if (tmpl[i].fromTlv == NULL) {
KSI_pushError(ctx, res = KSI_UNKNOWN_ERROR, "Invalid template: fromTlv not set.");
goto cleanup;
}
res = tmpl[i].fromTlv(tlv, &voidVal);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
res = storeObjectValue(ctx, &tmpl[i], payload, voidVal);
if (res != KSI_OK) {
tmpl[i].destruct(voidVal); // FIXME: Make sure, it is a valid pointer.
goto cleanup;
}
break;
case KSI_TLV_TEMPLATE_COMPOSITE:
{
KSI_LOG_trace(ctx, "Detected composite template for TLV value extraction.");
res = tmpl[i].construct(ctx, &compositeVal);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
res = extract(ctx, compositeVal, tlv, tmpl[i].subTemplate, tr, tr_len + 1, tr_size);
if (res != KSI_OK) {
KSI_LOG_error(ctx, "Unable to parse composite TLV: %s", track_str(tr, tr_len, tr_size, buf, sizeof(buf)));
tmpl[i].destruct(compositeVal); // FIXME: Make sure is is a valid pointer.
goto cleanup;
}
res = storeObjectValue(ctx, &tmpl[i], payload, (void *)compositeVal);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
/* Reset the buffer. */
break;
}
default:
KSI_LOG_error(ctx, "No template found.");
/* Should not happen, but just in case. */
KSI_pushError(ctx, res = KSI_UNKNOWN_ERROR, "Undefined template type");
goto cleanup;
}
if ((tmpl[i].flags & KSI_TLV_TMPL_FLG_MORE_DEFS) == 0) break;
}
/* Check if a match was found, an raise an error if the TLV is marked as critical. */
if (matchCount == 0 && !KSI_TLV_isNonCritical(tlv)) {
char errm[1024];
KSI_snprintf(errm, sizeof(errm), "Unknown critical tag: %s", track_str(tr, tr_len + 1, tr_size, buf, sizeof(buf)));
KSI_LOG_error(ctx, errm);
KSI_pushError(ctx, res = KSI_INVALID_FORMAT, errm);
goto cleanup;
}
}
/* Check that every mandatory component was present. */
for (i = 0; i < template_len; i++) {
char errm[100];
if ((tmpl[i].flags & KSI_TLV_TMPL_FLG_MANDATORY) != 0 && !templateHit[i]) {
KSI_snprintf(errm, sizeof(errm), "Mandatory element missing: %s->[0x%x]%s", track_str(tr, tr_len, tr_size, buf, sizeof(buf)), tmpl[i].tag, tmpl[i].descr != NULL ? tmpl[i].descr : "");
KSI_LOG_debug(ctx, "%s", errm);
KSI_pushError(ctx, res = KSI_INVALID_FORMAT, errm);
goto cleanup;
}
if (((tmpl[i].flags & KSI_TLV_TMPL_FLG_LEAST_ONE_G0) != 0 && !groupHit[0]) ||
((tmpl[i].flags & KSI_TLV_TMPL_FLG_LEAST_ONE_G1) != 0 && !groupHit[1])) {
KSI_snprintf(errm, sizeof(errm), "Mandatory group missing: %s->[0x%x]%s", track_str(tr, tr_len, tr_size, buf, sizeof(buf)), tmpl[i].tag, tmpl[i].descr != NULL ? tmpl[i].descr : "");
KSI_LOG_debug(ctx, "%s", errm);
KSI_pushError(ctx, res = KSI_INVALID_FORMAT, errm);
goto cleanup;
}
}
res = KSI_OK;
cleanup:
KSI_TLV_free(tlvVal);
return res;
}
